公开(公告)号：US20070171885A1

公开(公告)日：2007-07-26

申请号：US11695569

申请日：2007-04-02

申请人： Pravin Bhagwat ,  Shantanu Gogate ,  David King

发明人： Pravin Bhagwat ,  Shantanu Gogate ,  David King

IPC分类号： H04Q7/24

CPC分类号： H04W12/12 ,  H04L43/00 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1466 ,  H04L63/1475 ,  H04L69/16 ,  H04L69/161 ,  H04L69/163 ,  H04W8/26 ,  H04W12/06 ,  H04W84/04 ,  H04W84/12

摘要： A method for protecting local area networks within a selected local geographic region (e.g. office, apartment, building, coffee shop, hot-spot etc.) from wireless attacks, using a wireless sniffer apparatus. The method includes placing one or more wireless sniffer apparatus spatially to provide substantial radio coverage over at least a portion of the selected local geographic region comprising one or more local area networks. Moreover the method includes coupling one or more of the wireless sniffer apparatus to one or more of the local area networks.

摘要翻译： 使用无线嗅探装置从无线攻击中保护选定的本地地理区域（例如办公室，公寓，建筑物，咖啡店，热点等）内的局域网的方法。 该方法包括在空间上放置一个或多个无线嗅探装置，以在包括一个或多个局域网的所选择的局部地理区域的至少一部分上提供实质的无线电覆盖。 此外，该方法包括将无线嗅探装置中的一个或多个耦合到一个或多个局域网。

公开(公告)号：US20080109879A1

公开(公告)日：2008-05-08

申请号：US11970532

申请日：2008-01-08

申请人： Pravin Bhagwat ,  Shantanu Gogate ,  David King

发明人： Pravin Bhagwat ,  Shantanu Gogate ,  David King

IPC分类号： G06F11/00

CPC分类号： G06F21/55 ,  H04L43/00 ,  H04L63/1416 ,  H04L69/16 ,  H04L69/161 ,  H04L69/163 ,  H04W12/00 ,  H04W12/08 ,  H04W12/12

摘要： An apparatus for wireless communication including an automated intrusion detection process is provided. The apparatus has a portable housing, which may have a length no greater than 1 meter, a width no greater than 1 meter, and a height of no greater than 1 meter. A processing unit (e.g., CPU) is within the housing. One or more wireless network interface devices are within the housing and are coupled to the processing unit. The apparatus has an Ethernet (or like) network interface device within the housing and coupled to the processing unit. A network connector is coupled to the Ethernet network device. One or more memories are coupled to the processing unit. A code is directed to perform a process for detection of a wireless activity within a selected local geographic region. According to a specific embodiment, the wireless activity is derived from at least one authorized device or at least an other device. A code is directed to receiving at least identity information associated with the wireless activity from the detection process in a classification process. A code is directed to labeling the identity information into at least one of a plurality of categories in the classification process. Depending upon the embodiment, other codes may exist to carry out the functionality described herein.

摘要翻译： 提供了一种包括自动入侵检测过程的无线通信装置。 该装置具有便携式外壳，其长度不得大于1米，宽度不大于1米，高度不得大于1米。 处理单元（例如，CPU）在壳体内。 一个或多个无线网络接口设备在壳体内并且耦合到处理单元。 该设备在外壳内具有以太网（或类似的）网络接口设备并且耦合到处理单元。 网络连接器耦合到以太网网络设备。 一个或多个存储器耦合到处理单元。 代码被指示执行用于检测所选局部地理区域内的无线活动的过程。 根据具体实施例，无线活动是从至少一个授权设备或至少另一个设备导出的。 代码针对在分类过程中从检测过程接收与无线活动相关联的至少身份信息。 代码用于将标识信息标记为分类处理中的多个类别中的至少一个。 根据实施例，存在其他代码以执行本文所描述的功能。

公开(公告)号：US20060002331A1

公开(公告)日：2006-01-05

申请号：US11123848

申请日：2005-05-06

申请人： Pravin Bhagwat ,  Shantanu Gogate ,  David King

发明人： Pravin Bhagwat ,  Shantanu Gogate ,  David King

IPC分类号： H04Q7/00

CPC分类号： H04W12/12 ,  H04L43/00 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1466 ,  H04L63/1475 ,  H04L69/16 ,  H04L69/161 ,  H04L69/163 ,  H04W8/26 ,  H04W12/06 ,  H04W84/04 ,  H04W84/12

摘要： A method for protecting local area networks within a selected local geographic region (e.g. office, apartment, building, coffee shop, hot-spot etc.) from wireless attacks, using a wireless sniffer apparatus. The method includes placing one or more wireless sniffer apparatus spatially to provide substantial radio coverage over at least a portion of the selected local geographic region comprising one or more local area networks. Moreover the method includes coupling one or more of the wireless sniffer apparatus to one or more of the local area networks.

摘要翻译： 使用无线嗅探装置从无线攻击中保护选定的本地地理区域（例如办公室，公寓，建筑物，咖啡店，热点等）内的局域网的方法。 该方法包括在空间上放置一个或多个无线嗅探装置，以在包括一个或多个局域网的所选择的局部地理区域的至少一部分上提供实质的无线电覆盖。 此外，该方法包括将无线嗅探装置中的一个或多个耦合到一个或多个局域网。

公开(公告)号：US20050259611A1

公开(公告)日：2005-11-24

申请号：US10931585

申请日：2004-08-31

申请人： Pravin Bhagwat ,  Shantanu Gogate ,  David King

发明人： Pravin Bhagwat ,  Shantanu Gogate ,  David King

IPC分类号： H04L12/28 ,  H04L29/06 ,  H04W12/12 ,  H04Q7/00

CPC分类号： G06F21/55 ,  H04L43/00 ,  H04L63/1416 ,  H04L69/16 ,  H04L69/161 ,  H04L69/163 ,  H04W12/00 ,  H04W12/08 ,  H04W12/12

摘要： An apparatus for wireless communication including an automated intrusion detection process is provided. The apparatus has a portable housing, which may have a length no greater than 1 meter, a width no greater than 1 meter, and a height of no greater than 1 meter. A processing unit (e.g., CPU) is within the housing. One or more wireless network interface devices are within the housing and are coupled to the processing unit. The apparatus has an Ethernet (or like) network interface device within the housing and coupled to the processing unit. A network connector is coupled to the Ethernet network device. One or more memories are coupled to the processing unit. A code is directed to perform a process for detection of a wireless activity within a selected local geographic region. According to a specific embodiment, the wireless activity is derived from at least one authorized device or at least an other device. A code is directed to receiving at least identity information associated with the wireless activity from the detection process in a classification process. A code is directed to labeling the identity information into at least one of a plurality of categories in the classification process. Depending upon the embodiment, other codes may exist to carry out the functionality described herein.

摘要翻译： 提供了一种包括自动入侵检测过程的无线通信装置。 该装置具有便携式外壳，其长度不得大于1米，宽度不大于1米，高度不得大于1米。 处理单元（例如，CPU）在壳体内。 一个或多个无线网络接口设备在壳体内并且耦合到处理单元。 该设备在外壳内具有以太网（或类似的）网络接口设备并且耦合到处理单元。 网络连接器耦合到以太网网络设备。 一个或多个存储器耦合到处理单元。 代码被指示执行用于检测所选局部地理区域内的无线活动的过程。 根据具体实施例，无线活动是从至少一个授权设备或至少另一个设备导出的。 代码针对在分类过程中从检测过程接收与无线活动相关联的至少身份信息。 代码用于将标识信息标记为分类处理中的多个类别中的至少一个。 根据实施例，存在其他代码以执行本文所描述的功能。

公开(公告)号：US08789191B2

公开(公告)日：2014-07-22

申请号：US13399626

申请日：2012-02-17

申请人： Pravin Bhagwat ,  Shantanu Gogate ,  David C. King

发明人： Pravin Bhagwat ,  Shantanu Gogate ,  David C. King

IPC分类号： H04L29/06

CPC分类号： G06F21/55 ,  H04L43/00 ,  H04L63/1416 ,  H04L69/16 ,  H04L69/161 ,  H04L69/163 ,  H04W12/00 ,  H04W12/08 ,  H04W12/12

摘要： An apparatus for wireless communication including an automated intrusion detection process is provided. The apparatus includes a processing unit. It includes a wireless network interface device and an Ethernet (or like) wired network interface device that are coupled to the processing unit. One or more memories are coupled to the processing unit. A code is directed to perform a process for detection of wireless activity within a selected local geographic region. According to a specific embodiment, the wireless activity is derived from a wireless access point device that is operational about the selected local geographic region. A code is directed to performing connectivity test using one or more marker packets to determine connectivity status of the wireless access point device to network to be protected from intrusion. Depending upon the embodiment, other codes may exist to carry out the functionality described herein.

摘要翻译： 提供了一种包括自动入侵检测过程的无线通信装置。 该装置包括处理单元。 它包括耦合到处理单元的无线网络接口设备和以太网（或类似的）有线网络接口设备。 一个或多个存储器耦合到处理单元。 代码被指示执行用于检测所选局部地理区域内的无线活动的过程。 根据具体实施例，无线活动是从关于所选择的本地地理区域可操作的无线接入点设备导出的。 代码旨在使用一个或多个标记分组来执行连接测试，以确定无线接入点设备到网络的连接状态以防止入侵。 根据实施例，存在其他代码以执行本文所描述的功能。

公开(公告)号：US20120240196A1

公开(公告)日：2012-09-20

申请号：US13399626

申请日：2012-02-17

申请人： Pravin Bhagwat ,  Shantanu Gogate ,  David C. King

发明人： Pravin Bhagwat ,  Shantanu Gogate ,  David C. King

IPC分类号： G06F21/00

CPC分类号： G06F21/55 ,  H04L43/00 ,  H04L63/1416 ,  H04L69/16 ,  H04L69/161 ,  H04L69/163 ,  H04W12/00 ,  H04W12/08 ,  H04W12/12

摘要： An apparatus for wireless communication including an automated intrusion detection process is provided. The apparatus includes a processing unit. It includes a wireless network interface device and an Ethernet (or like) wired network interface device that are coupled to the processing unit. One or more memories are coupled to the processing unit. A code is directed to perform a process for detection of wireless activity within a selected local geographic region. According to a specific embodiment, the wireless activity is derived from a wireless access point device that is operational about the selected local geographic region. A code is directed to performing connectivity test using one or more marker packets to determine connectivity status of the wireless access point device to network to be protected from intrusion. Depending upon the embodiment, other codes may exist to carry out the functionality described herein.

摘要翻译： 提供了一种包括自动入侵检测过程的无线通信装置。 该装置包括处理单元。 它包括耦合到处理单元的无线网络接口设备和以太网（或类似的）有线网络接口设备。 一个或多个存储器耦合到处理单元。 指令代码执行用于检测所选局部地理区域内的无线活动的过程。 根据具体实施例，无线活动是从关于所选择的本地地理区域可操作的无线接入点设备导出的。 代码旨在使用一个或多个标记分组来执行连接测试，以确定无线接入点设备到网络的连接状态以防止入侵。 根据实施例，存在其他代码以执行本文所描述的功能。

公开(公告)号：US20100132040A1

公开(公告)日：2010-05-27

申请号：US12419300

申请日：2009-04-07

申请人： Pravin Bhagwat ,  Shantanu Gogate ,  David C. King

发明人： Pravin Bhagwat ,  Shantanu Gogate ,  David C. King

IPC分类号： G06F11/30

CPC分类号： G06F21/55 ,  H04L43/00 ,  H04L63/1416 ,  H04L69/16 ,  H04L69/161 ,  H04L69/163 ,  H04W12/00 ,  H04W12/08 ,  H04W12/12

摘要： According to an embodiment of the present invention, the wireless activity in a geographic area containing LAN connection ports is monitored using one or more sensor devices, called sniffers. By analyzing said wireless activity, one or more APs that are operating in said geographic area are identified. The active APs so identified are classified into three categories, namely “authorized” APs (those that are allowed by network administrator), “unauthorized” APs (those that are not allowed by the network administrator, but are still connected to the LAN of interest) and “external” APs (those that are not allowed by network administrator but are not connected to the LAN of interest, for example APs connected to the neighbor's LAN) by conducting one or more tests. The sniffers continue to monitor the selected geographic area to detect any wireless station attempting to connect to or communicating with the one or more identified unauthorized APs. Upon identifying unauthorized AP and/or intruding wireless station an indication is transferred to the prevention process.

摘要翻译： 根据本发明的实施例，使用称为嗅探器的一个或多个传感器设备监视包含LAN连接端口的地理区域中的无线活动。 通过分析所述无线活动，识别在所述地理区域中操作的一个或多个AP。 如此识别的活动AP被分为三类，即“授权”的AP（网络管理员允许的），“未经授权的”AP（网络管理员不允许但仍然连接到感兴趣的LAN ）和“外部”AP（网络管理员不允许但不连接到感兴趣的LAN，例如连接到邻居的LAN的AP）的“外部”AP（通过进行一个或多个测试）。 嗅探器继续监视所选择的地理区域以检测尝试连接到或与一个或多个识别的未经授权的AP通信的任何无线站。 在识别未经授权的AP和/或入侵无线站时，将指示传送到预防过程。

公开(公告)号：US09003527B2

公开(公告)日：2015-04-07

申请号：US13533674

申请日：2012-06-26

申请人： Pravin Bhagwat ,  Shantanu Gogate ,  David C King

发明人： Pravin Bhagwat ,  Shantanu Gogate ,  David C King

IPC分类号： H04L29/06 ,  G06F21/55 ,  H04L12/26 ,  H04W12/08 ,  H04W12/12 ,  H04W12/00

CPC分类号： G06F21/55 ,  H04L43/00 ,  H04L63/1416 ,  H04L69/16 ,  H04L69/161 ,  H04L69/163 ,  H04W12/00 ,  H04W12/08 ,  H04W12/12

摘要： The wireless activity in a geographic area containing LAN connection ports is monitored using one or more sensor devices, called sniffers. By analyzing said wireless activity, one or more APs that are operating in said geographic area are identified. The active APs so identified are classified into three categories, namely “authorized” APs (those that are allowed by network administrator), “unauthorized” APs (those that are not allowed by the network administrator, but are still connected to the LAN of interest) and “external” APs (those that are not allowed by network administrator but are not connected to the LAN of interest, for example APs connected to the neighbor's LAN) by conducting one or more tests. The sniffers detect any wireless station attempting to connect to or communicating with the one or more identified unauthorized APs. Upon identifying unauthorized AP and/or intruding wireless station an indication is transferred to the prevention process.

摘要翻译： 使用一个或多个称为嗅探器的传感器设备来监视包含LAN连接端口的地理区域中的无线活动。 通过分析所述无线活动，识别在所述地理区域中操作的一个或多个AP。 如此识别的活动AP被分为三类，即“授权”的AP（网络管理员允许的），“未经授权的”AP（网络管理员不允许但仍然连接到感兴趣的LAN ）和“外部”AP（网络管理员不允许但不连接到感兴趣的LAN，例如连接到邻居的LAN的AP）的“外部”AP（通过进行一个或多个测试）。 嗅探器检测尝试连接到或与一个或多个所识别的非授权AP通信的任何无线站。 在识别未经授权的AP和/或入侵无线站时，将指示传送到预防过程。

公开(公告)号：US20130117851A1

公开(公告)日：2013-05-09

申请号：US13533674

申请日：2012-06-26

申请人： Pravin Bhagwat ,  Shantanu Gogate ,  David C. King

发明人： Pravin Bhagwat ,  Shantanu Gogate ,  David C. King

IPC分类号： H04W12/00

CPC分类号： G06F21/55 ,  H04L43/00 ,  H04L63/1416 ,  H04L69/16 ,  H04L69/161 ,  H04L69/163 ,  H04W12/00 ,  H04W12/08 ,  H04W12/12

摘要： The wireless activity in a geographic area containing LAN connection ports is monitored using one or more sensor devices, called sniffers. By analyzing said wireless activity, one or more APs that are operating in said geographic area are identified. The active APs so identified are classified into three categories, namely “authorized” APs (those that are allowed by network administrator), “unauthorized” APs (those that are not allowed by the network administrator, but are still connected to the LAN of interest) and “external” APs (those that are not allowed by network administrator but are not connected to the LAN of interest, for example APs connected to the neighbor's LAN) by conducting one or more tests. The sniffers detect any wireless station attempting to connect to or communicating with the one or more identified unauthorized APs. Upon identifying unauthorized AP and/or intruding wireless station an indication is transferred to the prevention process.

摘要翻译： 使用一个或多个称为嗅探器的传感器设备来监视包含LAN连接端口的地理区域中的无线活动。 通过分析所述无线活动，识别在所述地理区域中操作的一个或多个AP。 如此识别的活动AP被分为三类，即“授权”的AP（网络管理员允许的），“未经授权的”AP（网络管理员不允许但仍然连接到感兴趣的LAN ）和“外部”AP（网络管理员不允许但不连接到感兴趣的LAN，例如连接到邻居的LAN的AP）的“外部”AP（通过进行一个或多个测试）。 嗅探器检测尝试连接到或与一个或多个所识别的非授权AP通信的任何无线站。 在识别未经授权的AP和/或入侵无线站时，将指示传送到预防过程。

公开(公告)号：US07536723B1

公开(公告)日：2009-05-19

申请号：US10931926

申请日：2004-08-31

申请人： Pravin Bhagwat ,  Shantanu Gogate ,  David C. King

发明人： Pravin Bhagwat ,  Shantanu Gogate ,  David C. King

IPC分类号： G06F11/00 ,  G06F12/16 ,  G06F15/18 ,  G08B23/00

CPC分类号： G06F21/55 ,  H04L43/00 ,  H04L63/1416 ,  H04L69/16 ,  H04L69/161 ,  H04L69/163 ,  H04W12/00 ,  H04W12/08 ,  H04W12/12

摘要： According to an embodiment of the present invention, the wireless activity in a geographic area containing LAN connection ports is monitored using one or more sensor devices, called sniffers. By analyzing said wireless activity, one or more APs that are operating in said geographic area are identified. The active APs so identified are classified into three categories, namely “authorized” APs (those that are allowed by network administrator), “unauthorized” APs (those that are not allowed by the network administrator, but are still connected to the LAN of interest) and “external” APs (those that are not allowed by network administrator but are not connected to the LAN of interest, for example APs connected to the neighbor's LAN) by conducting one or more tests. The sniffers continue to monitor the selected geographic area to detect any wireless station attempting to connect to or communicating with the one or more identified unauthorized APs. Upon identifying unauthorized AP and/or intruding wireless station an indication is transferred to the prevention process.

摘要翻译： 根据本发明的实施例，使用称为嗅探器的一个或多个传感器设备监视包含LAN连接端口的地理区域中的无线活动。 通过分析所述无线活动，识别在所述地理区域中操作的一个或多个AP。 如此识别的活动AP被分为三类，即“授权”的AP（网络管理员允许的），“未经授权的”AP（网络管理员不允许但仍然连接到感兴趣的LAN ）和“外部”AP（网络管理员不允许但不连接到感兴趣的LAN，例如连接到邻居的LAN的AP）的“外部”AP（通过进行一个或多个测试）。 嗅探器继续监视所选择的地理区域以检测尝试连接到或与一个或多个识别的未经授权的AP通信的任何无线站。 在识别未经授权的AP和/或入侵无线站时，将指示传送到预防过程。